bind920: update to version 9.20.23.
Pkgsrc changes:
* None, other than checksum changes.
Upstream changes:
BIND 9.20.23
------------
Security Fixes
~~~~~~~~~~~~~~
- Fix outgoing zone transfers' quota issue. ``1006b044b7``
Unauthorized clients could consume outgoing zone transfers quota and
block authorized zone transfer clients. This has been fixed.
:gl:`#3589`
[344 lines not shown]
sysutils/zellij: import package
Packaged in wip by ci4ic4 (with the aid of Claude Code). bsiegert and myself.
Zellij is a terminal workspace. It has the base functionality of a terminal
multiplexer (similar to tmux or screen) but includes many built-in features
that would allow users to extend it and create their own personalized
environment.
misc/tailspin: update to 6.1.0
Added
--extras jvm-stack-trace highlights JVM stack traces (Java, Kotlin, Scala, etc.)
TAILSPIN_EXTRAS environment variable to set extras without the --extras flag
Performance
Cache ANSI style prefixes in a thread-local, avoiding per-line allocation in the render pipeline
Fixed
Theme parse and read errors now include the path of the offending file
Reject unknown fields in theme.toml so they surface as errors instead of being silently ignored
--exec no longer tears down the pager the moment the spawned subprocess exits
Kill the pager when tailspin exits due to a stream error, instead of leaving it orphaned
Overriding builtin keywords in theme.toml should always take precedence over the builtin
ones (#267)
audio/spotify-qt: reset maintainer
Given constant changes in Spotifys API and increasing restrictions being
imposed, I can no longer test these packages.
- librespot
- ncspot
- spotify-player
- spotify-qt
It's still my intention to keep these up-to-date but, I can only run test
builds and no functional testing. Hence, dropping MAINTAINER.
audio/spotify-player: reset maintainer
Given constant changes in Spotifys API and increasing restrictions being
imposed, I can no longer test these packages.
- librespot
- ncspot
- spotify-player
- spotify-qt
It's still my intention to keep these up-to-date but, I can only run test
builds and no functional testing. Hence, dropping MAINTAINER.
audio/ncspot: reset maintainer
Given constant changes in Spotifys API and increasing restrictions being
imposed, I can no longer test these packages.
- librespot
- ncspot
- spotify-player
- spotify-qt
It's still my intention to keep these up-to-date but, I can only run test
builds and no functional testing. Hence, dropping MAINTAINER.
audio/librespot: reset maintainer
Given constant changes in Spotifys API and increasing restrictions being
imposed, I can no longer test these packages.
- librespot
- ncspot
- spotify-player
- spotify-qt
It's still my intention to keep these up-to-date but, I can only run test
builds and no functional testing. Hence, dropping MAINTAINER.
py-eliot: updated to 1.18.0
1.18.0
Bug fixes:
* Fixed traceback-logging issue in threaded logger on some versions of Python.
Enhancements:
* JSON logging will now output a repr for unserializable objects, rather than blowing up and failing to log. Thanks to Maciej Katafiasz for the patch.
* Official support for Python 3.14.
Deprecations and removals:
* Dropped support for Python 3.9.
lang/ruby40: update to 4.0.5
Ruby 4.0.5 (2026-05-20)
* CVE-2026-46727: Use-after-free in pthread-based getaddrinfo timeout
handler
* Bug #22065: make rdoc fails with invalid byte sequence in US-ASCII on Ruby
4.0.4 under C locale - Ruby - Ruby Issue Tracking System
net/bind918: update to 9.18.49
BIND 9.18.49 (2026-05-20)
Security Fixes
* Limit resolver server list size. (CVE-2026-3592)
When resolving a domain with many nameservers that shared overlapping IP
addresses (e.g., 10 NS records all pointing at the same set of addresses),
BIND could previously waste time querying duplicate addresses and build up
excessively large server lists. Addresses in the resolver's server list
are now deduplicated so that each unique IP is only queried once per
resolution attempt, regardless of how many NS records point to it. The
number of addresses stored per nameserver name is also now capped at six
(combined A and AAAA), preventing memory and CPU overhead from domains
with unusually large NS/glue sets.
ISC would like to thank Shuhan Zhang from Tsinghua University for
[72 lines not shown]
py-decorator: updated to 5.3.1
5.3.1 (2026-05-18)
Added license SPDX identifier to pyproject.toml (reported by
Christian Lackas).
5.3.0 (2026-05-17)
Added official support for Python 3.14 (thanks to Hugo van Kemenade,
David Cain and the GitHub user bersbersbers).
Fixed a bug with "return await" contributed by Kadir Can Ozden.
Moved decorator.py to a package structure (`decorator/__init__.py`) and
added a stub file (`decorator/__init__.pyi`) contributed by Marco Gorelli.
py-findpython: updated to 0.8.0
0.8.0
Bug Fixes
Correct script execution command in _run_script function
Update required Python version to 3.9 in pyproject.toml and streamline CI configuration
textproc/inlyne: update to 0.5.2
0.5.2 - 2026-05-19
Adds back the macOS x64 target that was dropped the past release, and updates most of our dependencies.
Deprecations
Replaces the Visual Studio Dark+ syntax highlighting theme with the default dark theme, and emit a deprecation warning (6ce93ce)
Releases
Add x86_64 (intel-based) macOS back to CI (#451)
Internal
Update all of the dependencies outside of rendering related ones (#448)
0.5.1 - 2026-05-13
Features
[29 lines not shown]
py-scrapy: updated to 2.16.0
Scrapy 2.16.0 (2026-05-19)
Highlights:
- Official support for Python 3.14
- Support for Twisted 26.4.0+
Modified requirements
- Increased the minimum versions of the following dependencies:
- service_identity_: 18.1.0 → 23.1.0
- Added support for Twisted 26.4.0+.
- Added support for Python 3.14.
Backward-incompatible changes
[141 lines not shown]
